Solution

Make your systems agent-callable. Safely.Custom MCP servers, scoped tools, audit-grade access.

MCP is the open standard that lets LLMs call your tools without bespoke per-model glue. We design, build, and deploy MCP servers around your existing systems — Odoo, internal APIs, databases, ticketing — with least-privilege scopes, structured outputs, and the observability that makes them safe to use in production.

Once
written, reusable across every compliant model client
Read-only
by default — write scopes added deliberately
< 4 wks
first server in production for a well-scoped system
100%
audit log of every tool call · who · what · when
Use cases

Where MCP integration pays back

Internal API exposure to agents

Wrap your existing REST / GraphQL endpoints as MCP tools. Agents call them with structured arguments, get validated responses, and you keep full control of auth, rate-limits, and audit.

ERP / CRM access

Odoo, SAP, Salesforce, HubSpot — MCP servers expose customer / order / inventory data to agents read-only, with optional write scopes behind explicit approvals.

Database query tools

Scoped, parametrised query tools (not raw SQL) that let agents answer questions over your data without exposing the schema or risking destructive operations.

Document + knowledge-base search

Confluence, Notion, SharePoint, custom doc stores — wrapped as semantic search MCP tools with citation requirements baked into the response schema.

Cross-team shared tooling

One canonical MCP server for "lookup_customer", "search_orders", etc. — used by every agent in the org. Stops every team from reinventing the same wrappers with subtly different bugs.

Compliance-grade audit endpoints

MCP servers fronting regulated systems with full call-by-call audit log, immutable trace, and the policy-citation requirements compliance teams ask for on day one.

Industries served
IT ServicesERP / Enterprise SoftwareFinancial ServicesHealthcare Operations
System architecture

How the system is wired

How a Claude agent calls an MCP-wrapped system
Claude agentreasoning stepTool selectiondescription scoringMCP serverauth + schema validateYour systemAPI / ERP / DBAudit logstructured trace
Technology

MCP server stack

Model clientsClaude · GPT · local models · Cursor · customMCP protocol layerJSON-RPC over stdio / HTTP / SSE · streaming · auth profileServer SDKPython or TypeScript · @modelcontextprotocol/sdk · Pydantic typingTool layerWraps internal REST / GraphQL / DB / SaaS APIs with scoped permissionsAudit + observabilityPer-call structured logs · auth context · cost attribution
Methodology

Integration delivery process

01

System inventory

Identify the systems the agent needs to read or write. Define the verbs (lookup, search, create, update) and the scopes you are comfortable exposing. Most teams start with 4–8 tools and grow deliberately.

02

Schema design

Write the tool descriptions as selection prompts ("use this when…") and Pydantic schemas for inputs and outputs. The descriptions are the prompts the model scores against — they get more iteration than the code.

03

MCP server implementation

Python or TypeScript server using the official SDK. Each tool is one function. Auth uses the MCP 1.0 enterprise auth profile (OAuth 2.1 + scopes). Streaming where it pays back.

04

Eval set + observability

Adversarial eval cases against the tool descriptions — does the model pick the right tool for ambiguous inputs? Per-call telemetry wired to your observability stack.

05

Production rollout

Start behind a feature flag with read-only scopes. Add write scopes deliberately and gated. Monitor the score deltas in production — they tell you when descriptions are drifting.

Security & scalability

Security & scalability

Least-privilege scopes

Every tool ships with the minimum permissions required. Write scopes are explicit and reviewed. Mutating tools go behind an approval queue or human-in-the-loop confirmation where the operation is irreversible.

Enterprise auth profile

MCP 1.0 spec defines OAuth 2.1 with PKCE and scope-based capabilities. We use it. Customer auth flows are inherited from your existing identity provider.

Schema validation in / out

Pydantic validators on inputs prevent prompt-smuggled bad arguments. Output schemas enforce structure — agents cannot bypass the contract.

Audit-grade logging

Every tool call logs the model that invoked it, the auth context, the input, the output, the duration, and the cost. Immutable trace. Replayable.

Rate limiting + circuit breaking

Per-tool rate limits, error-budget tracking, and explicit circuit breakers on the downstream system. A misbehaving agent cannot DDoS your ERP.

Multi-tenant ready

Scopes can be parameterised by customer / tenant / project. One server can serve many tenants without leaking context between them.

Integrations

Systems we have wrapped as MCP servers

  • Odoo (read-only customer / order / inventory tools)
  • GitHub + GitLab (review, search, issue, PR-comment tools)
  • Internal REST APIs (Python + TypeScript wrappers)
  • PostgreSQL + MySQL (scoped, parametrised query tools)
  • Confluence + Notion + custom doc stores (semantic search)
  • Salesforce + HubSpot (account, contact, opportunity tools)
  • Slack + Microsoft Teams (lookup + notify only by default)
  • Stripe + Razorpay (read-only by default)
Business impact

Why MCP integration compounds

A custom MCP server is written once and reused by every agent in every workflow that needs that system. The same Odoo MCP server we wrote for a support agent is reused by the renewals agent, the onboarding agent, and the analytics agent — with the same auth and audit story.

1
server, every agent in the org can call it
~4 wks
first server in production for a well-scoped system
~1 wk
each subsequent server (the patterns transfer)
100%
audit-trail coverage on every tool call
Case studies

How recent engagements actually shipped

ERP / Enterprise Software · 8 weeks discovery → handoff

ERP support triage agent eliminates the Level-1 backlog

Odoo-based ERP partner · Gujarat · ~60 implementation consultants

Problem

Customer support backlog had grown to ~340 open tickets. Level-1 triage took 12–20 minutes per ticket on average, and 35% of tickets were misrouted on first pass — every misroute became a customer-facing escalation churn.

Solution

A supervisor-pattern agent that ingests email and form submissions, classifies the issue, queries the customer's Odoo instance for context (open invoices, recent modules, last login, current contracts), drafts a Level-1 response with the right module screenshots inline, and routes complex tickets to the right consultant with a pre-filled handoff brief.

Claude Sonnet 4.6 (drafting)Custom MCP server: Odoo (read-only customer / order / invoice scope)Supervisor patternPydantic schemas
340 → 18
open L1 backlog within 6 weeks of go-live
~60%
L1 staffing reduction on agent-eligible categories
$2.30
average cost per agent-resolved ticket
8 wks
engagement, discovery to handoff
Read the full case study
Workshop / Public Build · 1 day · 8 hours hands-on

The Agentic Operating System — workshop build

AIMED · public workshop · ~40 engineers

Problem

Most teams meeting agentic AI for the first time get stuck on one of three blockers: tool design, orchestration choice, and the gap between a working demo and a system that survives Monday morning. The AIMED workshop format compresses the answers into one day of hands-on building.

Solution

A day-long live build of "the Agentic Operating System" — a multi-agent shell with a supervisor (planning, decomposition), handoff agents (parallel reads, sequenced writes), shared tool registry via MCP, and observability wired in from line one. Every attendee leaves with a running shell on their own laptop, the source, and the patterns to extend it.

Claude Sonnet 4.6 + Haiku 4.5 (free Claude Code tier worked)Three MCP servers built from scratch: filesPython supervisor + handoff context passingLangfuse traces from the first agent call
40
engineers shipped a running multi-agent shell on their own laptops
3
MCP servers per attendee, written from scratch
8 hrs
concept to working artefact
Read the full case study
Deep dives

Read what we publish on this

Tool Design

Tool descriptions are prompts. Fix the registry, not the agent.

When an agent picks the wrong tool, the registry is broken — not the agent. Three rules I now apply before debugging anything in a multi-tool system: precise names, "when to use" triggers, and a curated load list. Anthropic's new tool-selection telemetry finally puts numbers on what changes accuracy.

Read the post Production

The cheapest LLM call is the one you do not make — GitHub's 19-62% token cut, decoded

GitHub published an instrumented analysis of their agentic CI workflows and reported 19-62% token-cost reductions. The savings are the headline. The technique — pre-agentic data fetching and tool-registry hygiene — is the story most teams will miss.

Read the post Architecture

Claude Opus 4.7's 1M context: when to RAG and when to just stuff it

A million tokens reliably is real now, but it does not retire RAG — it changes the calculus. Cost, latency, recency, and the prompt-cache angle nobody is talking about.

Read the post MCP

MCP 1.0 is here. What changes for the servers you already wrote

The protocol stabilised. Most working servers will keep working. Three places the new spec actually requires changes — auth profile, server registry, streaming-response semantics — with diffs from a real migration.

Read the post
Frequently asked

MCP Integration — questions buyers ask

Map your first MCP server

In a 60-minute call we identify the highest-leverage system to wrap, the verbs that matter, and the scope of a first MCP server you can ship in 3–4 weeks.

Adjacent

Topics & solutions worth reading next

Topic Pillar

Agentic AI

Designing, building, and shipping production agents.

Topic Pillar

Model Context Protocol (MCP)

The open protocol that gives agents tools.

Topic Pillar

AI Engineering

The discipline of shipping AI systems, not demos.

Topic Pillar

Enterprise AI Automation

Operational agents for IT services and enterprise teams.

Solution

Agentic AI Consulting

Designed, built, and handed off — production agentic systems for enterprise teams.

Solution

AI Guardrails

Multi-layer safety, policy, and audit controls for agents in regulated environments.

Solution

Enterprise AI Architecture

Reference architectures for organisations standing up an AI platform — not one agent, but the foundation for many.

Solution

AI Automation for Enterprises

Operational agents that replace manual workflows — triage, support, ERP integration, content pipelines.